In the 3rd Generation Partnership Project (3GPP) architecture of the Radio Access Network (RAN), the Evolved Universal Terrestrial Radio Access Network (E-UTRAN) access is provided by Radio Base Stations (RBS). A Radio Base Station is called eNodeB (eNB) in E-UTRAN.
FIG. 1 illustrates the architecture of an embodiment of a communication network 100 at interaction between mobility management nodes, such as e.g. between a S4 Serving General Packet Radio Service (GPRS) Support Node (SGSN) 101 and a Mobility Management Entity (MME) 103. The communication network 100 is a telecommunication network using wireless and/or wired communication techniques. The communication network 100 may use technologies such as Long Term Evolution (LTE), General Packet Radio Service (GPRS) etc. It should be noted that the communication links in the communication network 100 may be of any suitable kind comprising either a wired or wireless radio link. The links may use any suitable protocol depending on type and level of layer, e.g. as indicated by the Open System Interconnection (OSI) model, as understood by the person skilled in the art. A base station 105, such as e.g. an eNodeB, communicates with the core network (CN) functions MME 103 using the S1-MME reference point, and with the Serving Gateway (SGW) 107 using the S1-U reference point. The SGW 107 acts as a mobility anchor and routes and forwards user plane data between a Packet Data Network Gateway (PDN gateway) 109 and the base station 105.
The MME 103 is a core network node which provides core network mobility management of the E-UTRAN 111 access, and the SGW 107 provides Internet Protocol (IP) connectivity of E-UTRAN 111 access. The S4 SGSN 101 is a core network node which provides core network mobility management of the UTRAN 112 and Global System for Mobile communication (GSM) Edge Radio Access Network (GERAN) 113 accesses.
Interaction between the S4 SGSN 101 and the MME 103 is performed at the S3 reference point. A User Equipment (UE) 115 registered by an S4 SGSN 101 may use an Idle mode Signaling Reduction (ISR). Idle mode signaling reduction is a feature that allows the user equipment 115 to roam between LTE and 2nd Generation/3rd Generation (2G/3G) without performing location registration at the mobility management node in the new access. The ISR will be described in more detail below.
The user equipment 115 may be any suitable communication device or computational device with communication capabilities capable of communicating with a base station over a radio channel, for instance but not limited to a mobile phone, smart phone, Personal Digital Assistant (PDA), laptop, MP3 player or portable Digital Video Disc (DVD) player, or similar media content devices, digital camera, or even stationary devices such as a Personal Computer (PC). A PC may also be connected via a user equipment 115 as the end station of the broadcasted/multicasted media. The user equipment 201 may be referred to as UE in some of the drawings.
The MME 103 is responsible for authenticating the user equipment 115 by interacting with a subscription unit, e.g. a Home Subscriber Server (HSS) 116.
The PDN Gateway 109 provides connectivity from the user equipment 115 to external packet data networks providing IP services 118 from operators, such as e.g. IP Multimedia Subsystem (IMS), packet switch streaming (PSS) etc.
A Policy and Charging Rules Function (PCRF) 121 is connected between the PDN Gateway 109 and an operator's IP services 118, and takes care of policy and charging issues between the user equipment 115 and the operator.
The SGSN 101 connects to the UTRAN 112/GERAN 113.
It should be appreciated that the network 100 is configured with cabling, routers, switches, and other network building elements (not shown) as understood by the skilled person, for instance as used for building an Ethernet or Wireless Access Network (WAN) network.
As illustrated in FIG. 2, the interaction between Gn/Gp SGSN 101 and MME 103 is performed at the Gn reference point. A user equipment 115 registered by a Gn/Gp SGSN 101 does not have ISR active. The Gn/Gp SGSN 101 is a core network node which provides core network mobility management of the UTRAN 112 and GERAN 113 accesses. An SGSN 101 complying with a 3GPP release prior to Rel-8 is a Gn/Gp SGSN. An SGSN of Rel-8 or a later release may be either a Gn/Gp SGSN or an S4 SGSN. The units shown in FIG. 2 are basically the same as in FIG. 1. Therefore, the descriptions of the units are not repeated for the sake of simplicity.
Security Handling at an Access Change to E-UTRAN
The 3GPP access may be protected by security mechanisms that employ integrity and ciphering on the radio interface. In GERAN, ciphering is optionally applied to protect the user data. In UTRAN, ciphering is optionally applied to protect the user data. Control signaling is integrity protected (mandatory) and encrypted (optional). For UTRAN the control signaling is protected by a Radio Network Controller (RNC). This applies both to Access Stratum (AS) signaling, i.e. Radio Resource Control (RRC) signaling between the RNC and the user equipment 115, and to Non Access Stratum (NAS) signaling, i.e. CN-UE signaling. For the E-UTRAN 111 access, the security requirement is extended so that normal use, i.e. non-emergency use, requires integrity protection, and optionally ciphering, of the NAS signaling independent of the AS signaling. That is, the AS signaling is protected by the E-UTRAN 111, in the eNodeB 105, and the NAS signaling is protected by the Evolved Packet Core (EPC), in the MME 103.
For the E-UTRAN 111 access the security mechanisms have also been changed and they are not backwards compatible. This means that it is not possible to derive a full, i.e. native, Evolved Packet System (EPS) security context based on a Universal Subscriber Identity Module (USIM) security context used in GERAN 113 or UTRAN 112.
It is permitted to temporarily, during an access change to E-UTRAN 111 and for NAS messages sent by the user equipment 115 to the MME 103, use a mapped security context based on the GERAN 113/UTRAN 112 security context. However, 3GPP recommends that the mapped security context is replaced with a native EPS security context as soon as possible after access change to E-UTRAN 111.
The user equipment 115 may simultaneously store both a mapped security context and the native EPS security context that was used last time the user equipment 115 visited the E-UTRAN access 111.
If a native security context is available then the MME 103 may start to use it by executing a Secure Mode Command (SMC) procedure, i.e. NAS signaling.
If there is no native security context available then the MME 103 must first execute the authentication procedure which may comprise retrieving new EPS security vectors from the HSS 116/Authentication Centre (AuC).
E-UTRAN Interaction with Legacy GERAN/UTRAN Access and Gn/Gp SGSN
The user equipment 115 may have two temporary identities pointing out which packet core node, i.e. SGSN 101/MME 103, shall handle traffic for the user equipment 115. When ISR is active, the user equipment 115 uses two independent identifiers, Globally Unique Temporary Identity (GUTI) to the MME 103 and Packet Temporary Mobile Subscriber Identity (P-TMSI) to the SGSN 101, to enable radio nodes to select the correct packet core node in a pool configuration.
When ISR is not active the user equipment 115 uses only one temporary identifier for the node registration: either a P-TMSI plus an old Routing Area Identity (RAI) provided by an SGSN 101, or a GUTI provided by an MME 103 to enable radio nodes to select the correct node in a pool configuration. If the user equipment 115 only has the P-TMSI, but needs the GUTI, then the user equipment 115 maps the value of the P-TMSI into the GUTI parameter, providing a mapped GUTI. Then, the task of the eNodeB 105 is to interpret a Globally Unique MME Identifier (GUMMEI) part of the mapped GUTI assigned by the SGSN 101, and to perform a correct choice of MME 103.
The existing method for enabling mobility management node selection, i.e. the existing user equipment behavior will now be described with reference to the combined signaling diagram and flowchart depicted in FIG. 3 and the block diagram depicted in FIG. 4.
Step 301
The user equipment 115 selects to perform an access change, e.g. from GERAN/UTRAN to E-UTRAN 111.
Step 302
The user equipment 115 has previously been assigned the P-TMSI and the old RAI by the SGSN 101. The P-TMSI and the old RAI are identification parameters of the SGSN 101.
Step 303
The MME 103 provides the eNodeB 105 with configuration data matching all valid data. The configuration data specifies for which values of a mapped GUTI the eNodeB 105 shall select the correct MME at which the user equipment 115 is registered and where a native EPS security context is stored.
The configuration data comprises all Location Area Code (LAC) values matching a location in the legacy 3GPP access from where the user equipment 115 may perform an access change to a coverage area of E-UTRAN 111 which is supported by the MME 103 where the user equipment 115 is registered.
Step 304
At an access change to e.g. E-UTRAN 111, the user equipment 115 maps the temporary user equipment identifier, i.e. the P-TMSI plus the old RAI, used in the current access to the identifier, e.g. the GUTI, used in the target access as specified by 3GPP.
The mapping from P-TMSI plus old RAI into GUTI is made such that the LAC is copied into the MME Group ID of the mapped GUTI, which enables the eNodeB 105 to identify the LAC value as an associated value and thereby select a specific MME 103. It therefore requires the MME 103 to provide configuration data that comprises all LAC values matching a location in the legacy 3GPP access from where the user equipment 115 may perform an access change to a coverage area of E-UTRAN 111 which is supported by the MME 103 where the user equipment 115 is registered, as mentioned above.
Both P-TMSI and GUTI are identifiers known in the core network, but typically unknown to the radio access network. For that reason the mapping of temporary user equipment identifiers must be performed on the NAS layer.
Step 305
The user equipment 115 provides the mapped parameter, i.e. the mapped GUTI, to its lower layers, e.g. the RRC. In some embodiments, the user equipment supplies a GUMMEI part of a mapped GUTI to lower layers. The lower layers, e.g. RRC, are a transport layer responsible for transporting data from the user equipment 115 to the eNodeB 105.
The mapped GUTI is transmitted in a NAS-message to a lower layer entity, e.g. the RRC, of the user equipment 115 which provides the identity of the registered MME 103, i.e. the MME 103 to which the user equipment 115 is registered.
The lower layer of the user equipment 115 uses the information when establishing a signaling connection and provides the mapped GUTI to the eNodeB 105.
For example, in the case a user equipment 115 moves from GERAN/UTRAN to E-UTRAN, the old user equipment reference is the Packet Temporary Mobile Subscriber Identity (P-TMSI), mapped into the GUTI. Both P-TMSI and GUTI are identifiers known in the core network, but typically unknown to the Radio Access Network (RAN). For that reason the mapping of temporary user equipment identifiers must be performed on the Non-Access Stratum (NAS) layer.
However, since it is a mapped GUTI it is a reference allocated by the SGSN 101 and cannot be used by the MME 103 to perform internal routing to find the user equipment context.
The 3GPP standard specifies that if the user equipment 115 holds a mapped GUTI then this is provided to the lower layers.
Step 306
The eNodeB 105 receives the mapped GUTI and uses it to identify at which MME 103 the user equipment 115 is registered or if the user equipment 115 is not registered by any serving MME 103. In other words, the eNodeB 105 uses the mapped GUTI to find which of the MMEs in an MME pool shall receive traffic from the user equipment 115. In some embodiments the eNodeB 105 may use the configuration data in step 305 to find a matching MME 103 to select.
However, finding the MME 103 based on a mapped GUTI, which is a P-TMSI plus old RAI, requires the eNodeB 105 to interpret this SGSN 101 related information as related to a specific MME 103 and, as a result, to select this MME 103 as target for the connection attempt.
Step 307
The receiving node, i.e. the eNodeB 105, uses the mapped temporary user equipment identifier to request the user equipment context from the MME 103. The user equipment context comprises information about bearer resources, current security context etc. The information is required to maintain IP services at the access change.
The user equipment 115 may have two identities pointing out which packet core node, i.e. MME 103/SGSN 101, shall handle the traffic for the user equipment 115.
If the legacy 3GPP access is handled by an SGSN pool then the pool may support a large number of LAC values.
However, since the mapped GUTI is a reference allocated by the SGSN 101, it cannot be used by the MME 103 to perform internal routing to find the user equipment context. The MME 103 will instead use the mapped GUTI to identify in which SGSN 101 the user equipment 115 is registered and from that SGSN 101 retrieve the UE context.
The problem with a large number of LAC values is that the value range of LAC may be 15 available bits, or above 32000 values. The MME 103 may therefore, in the worst case, have to provide a full range of LAC values to the eNodeB 105 in order to make it select the MME 103 where the user equipment 115 is registered, but it is not possible or practical to use such a potentially large amount of data to correlate user equipment 115 handling.
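As an added illustration (not part of the original text and not 3GPP or vendor code), the following Python sketch models the LAC-to-MME-Group-ID mapping of step 304 and the eNodeB selection of step 306, and shows how a LAC missing from the configuration data leads to a different MME and the loss of the native EPS security context. The class and function names, the sample PLMN, LAC and P-TMSI values, the fallback rule for unmatched values and the derivation of the MME Code are assumptions of the sketch.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Gummei:
    plmn: str            # MCC+MNC
    mme_group_id: int    # 16 bits
    mme_code: int        # 8 bits

def map_ptmsi_rai_to_gummei(plmn: str, lac: int, ptmsi: int) -> Gummei:
    """Step 304 on the UE NAS layer: the LAC of the old RAI is copied into the
    MME Group ID. Taking the MME Code from P-TMSI bits 23..16 is an assumption
    of this sketch; the text above only describes the LAC copy."""
    if not 0 <= lac <= 0xFFFF or not 0 <= ptmsi <= 0xFFFFFFFF:
        raise ValueError("LAC is 16 bits, P-TMSI is 32 bits")
    return Gummei(plmn, lac, (ptmsi >> 16) & 0xFF)

class ENodeB:
    """Holds the step 303 configuration: which LAC values belong to which MME."""
    def __init__(self, pool):
        self.pool = list(pool)       # MME names in the pool (hypothetical)
        self.lac_to_mme = {}         # (plmn, LAC) -> MME name

    def configure(self, mme: str, plmn: str, lacs) -> int:
        for lac in lacs:
            self.lac_to_mme[(plmn, lac)] = mme
        return len(self.lac_to_mme)  # table size the eNodeB must store

    def select_mme(self, g: Gummei) -> str:
        """Step 306: a configured LAC leads to the registered MME; an
        unconfigured one falls back to some pool member (assumed rule)."""
        hit = self.lac_to_mme.get((g.plmn, g.mme_group_id))
        return hit if hit is not None else self.pool[g.mme_code % len(self.pool)]

def native_context_survives(selected: str, registered: str) -> bool:
    """A different MME means the old UE context, and with it the native EPS
    security context, is dropped and authentication must be run again."""
    return selected == registered

# Constructed sample values, not taken from any real network
PLMN, REGISTERED = "00101", "MME-A"
enb = ENodeB(pool=["MME-A", "MME-B"])
enb.configure(REGISTERED, PLMN, lacs=range(0x0100, 0x0110))  # 16 LACs configured
known = map_ptmsi_rai_to_gummei(PLMN, lac=0x0105, ptmsi=0xC0010042)
unknown = map_ptmsi_rai_to_gummei(PLMN, lac=0x0200, ptmsi=0xC0010042)

if __name__ == "__main__":
    for g in (known, unknown):
        chosen = enb.select_mme(g)
        print(hex(g.mme_group_id), chosen, native_context_survives(chosen, REGISTERED))
```

Configuring the full 15-bit LAC range with `configure(..., range(1 << 15))` yields 32768 table entries for a single MME, which is the configuration volume the text describes as impractical.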
The vast amount of configuration data in the MME 103 will cause network OPerating Expenditures (OPEX) to increase not only when a new MME 103 is introduced to the network, but also through the succeeding configuration changes that are needed to support changes in use of LAC values from where the user equipment 115 may perform an access change to E-UTRAN. In addition, the vast amount of configuration is likely to be prone to human error at configuration input and is likely to add networking load.
The vast amount of configuration data from each MME 103 handled by the eNodeB 105 would require an equally large amount of both memory and processing resources in the eNodeB 105.
The user equipment 115 will then cause the eNodeB 105 to perform unnecessary and in some cases incorrect MME 103 selections and by that cause additional load to the network 100.
Selecting a different MME will cause additional signaling to register the user equipment 115 with a new MME at the HSS 116. The UE context in the old MME is dropped when the user equipment 115 becomes registered by the new MME, and by that the current native EPS security context is lost in the network. Establishing a new current native security context requires execution of the authentication procedure, which involves MME-originating signaling towards both the HSS 116 and the user equipment 115, i.e. additional signaling over the air.